update
This commit is contained in:
parent
77c1bb84bd
commit
dbe0e45525
@ -3,9 +3,14 @@
|
||||
* Kaz addon (see https://git.kaz.bzh/KAZ/depollueur for information)
|
||||
* create un archive for a set of file or update file deadline
|
||||
|
||||
a.php?u=month&h=HHHHHHHH => deadline
|
||||
a.php?r=email => track
|
||||
a.php?p=email => period
|
||||
a.php?u=month&h=HHHHHHHH => update deadline
|
||||
a.php?g=l~k => zip
|
||||
a.php?s=mel@domain.org => send status e-mail
|
||||
a.php?time=month&key=password + POST file => upload
|
||||
a.php?s=mel@domain.org => form
|
||||
a.php?s=mel@domain.org&t=password + [action] => manage account
|
||||
action: a=login a=logout a=r[on|off] a=p[minute|hour|day|week|month|quarter]
|
||||
*/
|
||||
use PHPMailer\PHPMailer\PHPMailer;
|
||||
use PHPMailer\PHPMailer\SMTP;
|
||||
@ -62,7 +67,7 @@ define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'accès temporaire &
|
||||
define ('M_INCONSISTENT_DATES',
|
||||
" (dates incohéantes avec ___FILENAME___ : ___DIRTIME___ != ___FILETIME___)");
|
||||
|
||||
define ('A_ACTION', 'a'); // action : T_SEND, T_LOGOUT, A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter)
|
||||
define ('A_ACTION', 'a'); // action : T_LOGIN, T_LOGOUT, A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter)
|
||||
define ('A_GET', 'g'); // get archive
|
||||
define ('A_HASH', 'h'); // file to update or delete
|
||||
define ('A_OPEN_TOKEN', 'o'); // ask token
|
||||
@ -85,8 +90,8 @@ define ('T_SIGN', 'sign');
|
||||
define ('T_NOT_FOUND', 'not_found');
|
||||
define ('T_OLD', 'old');
|
||||
define ('T_RENAME', 'rename');
|
||||
define ('T_SEND', 'send');
|
||||
define ('T_LOGOUT', 'lougout');
|
||||
define ('T_LOGIN', 'login');
|
||||
define ('T_LOGOUT', 'logout');
|
||||
define ('T_SENDER', 'sender');
|
||||
define ('T_TIME', 'time');
|
||||
define ('T_ID', 'id');
|
||||
@ -113,6 +118,31 @@ $message = '';
|
||||
/* Remove errors. */
|
||||
@error_reporting (0);
|
||||
|
||||
// ========================================
|
||||
if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
|
||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
|
||||
returnError (M_BAD_SENDER_NAME);
|
||||
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
|
||||
header ('HTTP/1.0 200 OK');
|
||||
header ('Content-Length: ' . strlen ($content));
|
||||
header ('Content-Type: text/plain');
|
||||
echo $content;
|
||||
exit;
|
||||
}
|
||||
|
||||
// ========================================
|
||||
if (isset ($_REQUEST [A_PERIOD]) && !empty ($_REQUEST [A_PERIOD])) {
|
||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_PERIOD]))
|
||||
returnError (M_BAD_SENDER_NAME);
|
||||
$content = getSenderPeriod ($_REQUEST [A_PERIOD]).NL;
|
||||
header ('HTTP/1.0 200 OK');
|
||||
header ('Content-Length: ' . strlen ($content));
|
||||
header ('Content-Type: text/plain');
|
||||
echo $content;
|
||||
exit;
|
||||
}
|
||||
|
||||
// ========================================
|
||||
$doUpdate = false;
|
||||
if (isset ($_REQUEST [A_UPDATE]) && !empty ($_REQUEST [A_UPDATE])) {
|
||||
$doUpdate = true;
|
||||
@ -211,27 +241,46 @@ function period2seconds ($periodName) {
|
||||
}
|
||||
|
||||
// ========================================
|
||||
function setSenderFake ($error, $sender, $owner, $dirLink, $dirTime, $fileName, $fileTime) {
|
||||
if (!$sender)
|
||||
return;
|
||||
function setSenderFake ($error, $sender, $owner, $dirLink, $fileLink) {
|
||||
global $doLogout;
|
||||
|
||||
if (!file_exists (VAR_FAKE))
|
||||
mkdir (VAR_FAKE, 0755);
|
||||
file_put_contents (VAR_FAKE.$sender,
|
||||
$dirTime = $fileTime = $fileName = $fileType = $ip = '';
|
||||
if (count ($dirLink) != 0) {
|
||||
$dirTime = $dirLink ['upload_date'].date (" Y-m-d H:i:s", $dirLink ['upload_date']);
|
||||
$ip = $dirLink ['ip'];
|
||||
}
|
||||
if (!$sender)
|
||||
return;
|
||||
if (count ($fileLink) != 0) {
|
||||
$fileTime = $fileLink ['upload_date'].date (" Y-m-d H:i:s", $fileLink ['upload_date']);
|
||||
$fileName = $link ['file_name'];
|
||||
$fileType = $link ['mime_type'];
|
||||
}
|
||||
$content =
|
||||
"time : ".time ().NL.
|
||||
"date : ".date ("Y-m-d H:i:s").NL.
|
||||
"error : ".$error.NL.
|
||||
"sender: ".$sender.NL.
|
||||
"owner: ".$owner.NL.
|
||||
"dirLink: ".$dirLink.NL.
|
||||
"sender : <".$sender.">".NL.
|
||||
"owner : <".$owner.">".NL.
|
||||
"dirLink : <".$dirLink.">".NL.
|
||||
"dirTime : ".$dirTime.NL.
|
||||
"fileTime: ".$fileTime.NL);
|
||||
"fileName: ".$fileName.NL.
|
||||
rmToken ($sender);
|
||||
"dirIp : ".$ip.NL.
|
||||
"fileTime: ".$fileTime.NL.
|
||||
"fileType: <".$fileType.">".NL.
|
||||
"fileName: <".$fileName.">".NL;
|
||||
|
||||
$log = $ip.$sender;
|
||||
if ($log)
|
||||
file_put_contents (VAR_FAKE.$log, $content);
|
||||
|
||||
// $doLogout = true;
|
||||
// rmToken ($sender);
|
||||
}
|
||||
function getSenderFake ($sender) {
|
||||
if (!$sender)
|
||||
return;
|
||||
return file_exists (VAR_FAKE.$sender);
|
||||
return false;
|
||||
// return $sender && file_exists (VAR_FAKE.$sender);
|
||||
}
|
||||
|
||||
// ========================================
|
||||
@ -594,7 +643,7 @@ if ($doDownload) {
|
||||
|
||||
|
||||
if (false) {
|
||||
// log
|
||||
// debug
|
||||
$message .= print_r ($archiveInfo, 1);
|
||||
$message .= print_r ($archiveContent, 1);
|
||||
|
||||
@ -622,30 +671,6 @@ if ($doDownload) {
|
||||
exit;
|
||||
}
|
||||
|
||||
// ========================================
|
||||
if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
|
||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
|
||||
returnError (M_BAD_SENDER_NAME);
|
||||
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
|
||||
header ('HTTP/1.0 200 OK');
|
||||
header ('Content-Length: ' . strlen ($content));
|
||||
header ('Content-Type: text/plain');
|
||||
echo $content;
|
||||
exit;
|
||||
}
|
||||
|
||||
// ========================================
|
||||
if (isset ($_REQUEST [A_PERIOD]) && !empty ($_REQUEST [A_PERIOD])) {
|
||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_PERIOD]))
|
||||
returnError (M_BAD_SENDER_NAME);
|
||||
$content = getSenderPeriod ($_REQUEST [A_PERIOD]).NL;
|
||||
header ('HTTP/1.0 200 OK');
|
||||
header ('Content-Length: ' . strlen ($content));
|
||||
header ('Content-Type: text/plain');
|
||||
echo $content;
|
||||
exit;
|
||||
}
|
||||
|
||||
// ========================================
|
||||
// form
|
||||
$token = '';
|
||||
@ -657,7 +682,7 @@ if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
|
||||
|
||||
$refToken = getToken ($sender);
|
||||
$urlBase = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
|
||||
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
|
||||
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGIN && $sender) {
|
||||
require (JIRAFEAU_ROOT . 'lib/template/header.php');
|
||||
if (getSenderFake ($sender))
|
||||
echo "Ce compte ne peut plus se connecter. Veuillez contacter les administrateurs.";
|
||||
@ -707,7 +732,7 @@ if (! ($sender && $token && $token == $refToken &&
|
||||
</tr>
|
||||
<tr class="nav">
|
||||
<td class="nav next">
|
||||
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_SEND; ?>" />
|
||||
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_LOGIN; ?>" />
|
||||
<input type="submit" value="<?php echo M_SEND; ?>" />
|
||||
</td>
|
||||
</tr>
|
||||
@ -739,9 +764,8 @@ function deleteAction ($linkName) {
|
||||
if (! count ($archiveInfo))
|
||||
return;
|
||||
if ($sender != $archiveInfo [T_SENDER]) {
|
||||
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $dirTime, null, null);
|
||||
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, null);
|
||||
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire";
|
||||
$doLogout = true;
|
||||
return;
|
||||
}
|
||||
$fileToDelete = false;
|
||||
@ -752,11 +776,10 @@ function deleteAction ($linkName) {
|
||||
continue;
|
||||
$fileTime = $fileLink ['upload_date'];
|
||||
if (! valideTime ($dirTime, $fileTime)) {
|
||||
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
|
||||
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $fileLink);
|
||||
$message .= "Cet envoi a été forgée".
|
||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||
//$doLogout = true;
|
||||
return;
|
||||
}
|
||||
$fileToDelete = true;
|
||||
@ -827,22 +850,20 @@ function deleteAction ($linkName) {
|
||||
$message .= ".";
|
||||
break;
|
||||
}
|
||||
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
|
||||
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $fileLink);
|
||||
$message .= "Cet envoi a été forgée. ".
|
||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||
//$dologout = true;
|
||||
break;
|
||||
}
|
||||
if (valideTime ($dirTime, $fileTime)) {
|
||||
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
|
||||
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $fileLink);
|
||||
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire.".
|
||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||
//$doLogout = true;
|
||||
break;
|
||||
}
|
||||
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
|
||||
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $fileLink);
|
||||
$message .= "Quelqu'un avétait revandiqué cet envoi. (".$sender." != ".$archiveInfo [T_SENDER].")";
|
||||
break;
|
||||
}
|
||||
@ -1087,72 +1108,3 @@ require (JIRAFEAU_ROOT.'lib/template/footer.php');
|
||||
exit;
|
||||
|
||||
// ========================================
|
||||
// // $count = count ($lines)-1;
|
||||
// // $content = '';
|
||||
// // for ($i = 0; $i < $count; $i++)
|
||||
// // $content .= $lines [$i];
|
||||
// // if (isset ($archive [T_SIGN]) && $archive [T_SIGN] == md5 ($content))
|
||||
// // return $archive;
|
||||
// // $message .= "bad signature <pre>".print_r ($lines, 1)."</pre>";
|
||||
// // return [];
|
||||
|
||||
// function getSecret () {
|
||||
// if (!file_exists (VAR_PRIVATE."secret")) {
|
||||
// mkdir (VAR_PERIOD, 0700);
|
||||
// for ($s = '', $i = 0, $z = strlen ($a = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')-1;
|
||||
// $i != 32;
|
||||
// $x = rand (0, $z), $s .= $a{$x}, $i++);
|
||||
// file_put_contents (VAR_PRIVATE."secret", $s.NL);
|
||||
// }
|
||||
// return trim (file (VAR_PERIOD."secret"));
|
||||
// }
|
||||
// function crea-teArchive ($archive, $key, $maxtime, $ip) {
|
||||
// if (!count ($archive))
|
||||
// return;
|
||||
// $content = T_ID.': '.time ();
|
||||
// if (isset ($archive [T_TIME]))
|
||||
// $content .= "time: ".$archive [T_TIME].NL;
|
||||
// if (isset ($archive [T_SENDER]))
|
||||
// $content .= "src: ".$archive [T_SENDER].NL;
|
||||
// foreach ([T_OLD, T_NEW] as $cat)
|
||||
// if (isset ($archiveInfo [$cat]))
|
||||
// foreach ($archiveInfo [$cat] as [$linkName, $cryptKey])
|
||||
// $content .= $cat.": ".$linkName." ".$cryptKey;
|
||||
// $content .= T_SIGN.": ".md5 ($content).NL;
|
||||
// $tmpFileName = tempnam (sys_get_temp_dir (), date ("newArchive-Ymd-H:i:s")."-");
|
||||
// file_put_contents ($tmpFileName, $content);
|
||||
|
||||
// $file ['name'] = $tmpFileName;
|
||||
// $file ['tmp_name'] = T_ARCHIVE_TITLE;
|
||||
// $file ['error'] = UPLOAD_ERR_OK;
|
||||
// $file ['type'] = T_ARCHIVE_MIME;
|
||||
// $file ['size'] = filesize ($file ['tmp_name']);
|
||||
|
||||
// $res = jirafeau_upload (
|
||||
// $file,
|
||||
// false,
|
||||
// $key,
|
||||
// $maxtime,
|
||||
// $ip,
|
||||
// $cfg ['enable_crypt'],
|
||||
// $cfg ['link_name_length'],
|
||||
// $cfg ['file_hash']
|
||||
// );
|
||||
// unlink ($tmpFileName);
|
||||
// }
|
||||
// function checkNewArchive ($archive) {
|
||||
// if (isset ($archiveInfo [T_NEW]))
|
||||
// foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
|
||||
// $fileLink = jirafeau_get_link ($fileName);
|
||||
// if (! count ($link))
|
||||
// return false;
|
||||
// //upload_date
|
||||
// }
|
||||
|
||||
// // all new never download
|
||||
// // all new mtime < 60s
|
||||
// }
|
||||
// function checkReadArchive ($archive) {
|
||||
// // md5
|
||||
// }
|
||||
?>
|
||||
|
@ -105,7 +105,7 @@ mkdir -p "${REP_PIECE_JOINTE}/"
|
||||
>"${ARCHIVE_CONTENT}"
|
||||
|
||||
# Etape de rafraichissement des anciens fichiers inclus
|
||||
echo -e "time: ${DATE_TEMPS}\nid: $(date +%s)" > "${ARCHIVE_CONTENT}"
|
||||
echo "time: ${DATE_TEMPS}\nid: $(date +%s)" > "${ARCHIVE_CONTENT}"
|
||||
[ -n "${TRACK}" ] && echo "sender: ${MAIL_SOURCE}" >> "${ARCHIVE_CONTENT}"
|
||||
|
||||
LOG_FIC "${SHRINK_CMD} -u \"${INSPECT_DIR}/in.$$\" 2>> \"${FIC_LOG}\" > \"${OLD_LINKS}\""
|
||||
@ -163,7 +163,7 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
|
||||
done
|
||||
# Création de l'archive
|
||||
NB_ATTACH=$(grep -e "^old: " -e "^new: " "${ARCHIVE_CONTENT}" | wc -l)
|
||||
if [ -n "${TRACK}" ] || [ "${NB_ATTACH}" -gt 1 ]; then
|
||||
if [ \( -n "${TRACK}" -a "${NB_ATTACH}" -gt 0 \) -o "${NB_ATTACH}" -gt 1 ]; then
|
||||
PASSWORD=$(apg -n 1 -m 12)
|
||||
PASSWORD_MD5=$(echo -n ${PASSWORD} | ${MD5_CMD} | cut -d \ -f 1)
|
||||
LOG_FIC " - \"${JIRAFEAU_CMD}\" -f \"${JIRAFEAU_LOCAL}\" -s \"${MAX_UPLOAD_SIZE}\" -c \"${ARCHIVE_MIME}\" -n \"${ARCHIVE_TITLE}\" send \"${ARCHIVE_CONTENT}\" \"${PASSWORD}\" 2>> \"${FIC_LOG}\" > \"${ONE_LINK}\""
|
||||
|
Loading…
Reference in New Issue
Block a user